From ce82b59e0b5ce4220c77bd5efcbdec064aa8d643 Mon Sep 17 00:00:00 2001
From: Brian Lee <git@blee.tube>
Date: Thu, 25 May 2023 14:13:15 -0700
Subject: [PATCH] Set up a unix domain socket.

---
 README.md               | 6 +++++-
 defaults/main.yml       | 4 +++-
 tasks/main.yml          | 8 ++++++++
 templates/server.yml.j2 | 4 ++--
 4 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 46036c9..9d464f8 100644
--- a/README.md
+++ b/README.md
@@ -24,4 +24,8 @@ For more configuration info, see the upstream [configuration docs](https://docs.
   roles:
     - role: bleetube.ntfy
       become: true
-```
\ No newline at end of file
+```
+
+## Resources
+
+* binwiederhier publishes the [configuration for his production server](https://github.com/binwiederhier/ntfy-ansible/blob/main/roles/ntfy/templates/server.yml.j2) in an Ansible playbook.
\ No newline at end of file
diff --git a/defaults/main.yml b/defaults/main.yml
index 9d4a7da..97a5368 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -3,4 +3,6 @@ ntfy_base_url: ''
 ntfy_listen_http: ":80"
 ntfy_cache_file: /var/cache/ntfy/cache.db
 ntfy_behind_proxy: 'true'
-ntfy_attachment_cache_dir: /var/cache/ntfy/attachments
\ No newline at end of file
+ntfy_attachment_cache_dir: /var/cache/ntfy/attachments
+ntfy_listen_unix: /run/ntfy/ntfy.sock
+ntfy_listen_unix_mode: '0666'
\ No newline at end of file
diff --git a/tasks/main.yml b/tasks/main.yml
index 4e1f3cc..fda25d5 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -9,6 +9,14 @@
     state: present
   when: ansible_os_family != 'Debian'
 
+- name: Ensure directory for ntfy domain sockets
+  ansible.builtin.file:
+    path: /var/run/ntfy
+    state: directory
+    owner: ntfy
+    group: ntfy
+    mode: '0755'
+
 - name: Ensure ntfy is enabled on boot
   ansible.builtin.service:
     name: ntfy
diff --git a/templates/server.yml.j2 b/templates/server.yml.j2
index f683997..fe408a3 100644
--- a/templates/server.yml.j2
+++ b/templates/server.yml.j2
@@ -25,8 +25,8 @@ listen-http: "{{ ntfy_listen_http }}"
 # Listen on a Unix socket, e.g. /var/lib/ntfy/ntfy.sock
 # This can be useful to avoid port issues on local systems, and to simplify permissions.
 #
-# listen-unix: <socket-path>
-# listen-unix-mode: <linux permissions, e.g. 0700>
+listen-unix: {{ ntfy_listen_unix }}
+listen-unix-mode: {{ ntfy_listen_unix_mode }}
 
 # Path to the private key & cert file for the HTTPS web server. Not used if "listen-https" is not set.
 #